Google.com pages found to have access to hidden Chrome API allowing hardware info such as CPU usage to be viewed

dantheclamman@lemmy.world · 3 months ago

Google.com pages found to have access to hidden Chrome API allowing hardware info such as CPU usage to be viewed

Jilanico@lemmy.world · 3 months ago

Isn’t chromium open source? How are the APIs a secret?

infeeeee@lemm.ee · edit-2 3 months ago

Simply noone ever looked and it’s not documented. And the api is locked to work only on google domains so it wasn’t usable to anyone to accidentally notice what’s going on.

The code doesn’t do anything on non-Google domains.

Luca says this - I’m inclined to agree:

This is interesting because it is a clear violation of the idea that browser vendors should not give preference to their websites over anyone elses.

Follow up question: How many other parts of the chromium codebase limited to work on (maybe other) specific domains?

Google.com pages found to have access to hidden Chrome API allowing hardware info such as CPU usage to be viewed

Google.com pages found to have access to hidden Chrome API allowing hardware info such as CPU usage to be viewed

hangout_services/thunk.js